Datenschutzerklärung – Last updated: February 2026
This privacy policy applies to kroo.dev and console.kroo.dev.
The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. Detailed information on the subject of data protection can be found in our privacy policy listed below.
Your data is collected in two ways: data you actively provide to us (e.g. when creating an account, entering contact information, or configuring integrations) and data collected automatically by our IT systems when you visit the website (primarily technical data such as browser type, operating system, and time of page access).
You have the right to receive information about the origin, recipient, and purpose of your stored personal data free of charge at any time. You also have the right to request correction or deletion of this data. If you have given consent to data processing, you can revoke this consent at any time. You also have the right to request the restriction of processing of your personal data and to lodge a complaint with the competent supervisory authority.
Jannik Jung
jung.dev – Software Solutions & Consulting
Hauptstraße 92
69469 Weinheim
Germany
Email: web@jung.dev
The responsible party is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, email addresses, etc.).
This website is hosted by Cloudflare, Inc. (101 Townsend St., San Francisco, CA 94107, USA). When you visit our website, your personal data (e.g. IP addresses, contact inquiries, metadata, technical data) is processed on Cloudflare’s servers.
The use of Cloudflare is based on Art. 6(1)(f) GDPR. We have a legitimate interest in presenting our website as reliably and securely as possible. The application backend (console.kroo.dev) runs on Cloudflare Workers; all request processing occurs on Cloudflare’s edge network. A data processing agreement (DPA) has been concluded with Cloudflare to ensure GDPR compliance. Cloudflare holds EU–US Data Privacy Framework certification.
The hosting provider automatically collects and stores information in server log files that your browser transmits to us. These include: browser type and version, operating system, referrer URL, hostname of the accessing computer, time of the server request, and IP address. This data is not merged with other data sources. Collection is based on Art. 6(1)(f) GDPR — the operator has a legitimate interest in the technically error-free presentation and optimization of the website.
When you create an account on console.kroo.dev, we collect the data you provide during registration (e.g. email address, name). This data is processed for the purpose of providing and managing your account. The legal basis is Art. 6(1)(b) GDPR (contract fulfillment). Your account data is stored for as long as your account is active.
We use GitHub OAuth for authentication. When you sign in, we receive your GitHub user ID, username, email address, and avatar URL from GitHub. We do not receive your GitHub password. This data is used solely for account authentication and display purposes. The legal basis is Art. 6(1)(b) GDPR.
If you contact us by email, your inquiry including all personal data provided (name, email, inquiry content) will be stored and processed for the purpose of handling your request. This data will not be passed on without your consent. Processing is based on Art. 6(1)(b) GDPR if your request relates to contract fulfillment, or Art. 6(1)(f) GDPR based on our legitimate interest in effective processing of inquiries.
We use Stripe, Inc. (510 Townsend St., San Francisco, CA 94103, USA) to process payments for the Pro plan. When you subscribe, Stripe processes your payment information (credit card details, billing address). We do not store your full payment details on our servers — they are handled entirely by Stripe. The legal basis is Art. 6(1)(b) GDPR (contract fulfillment). Stripe’s privacy policy: stripe.com/privacy.
Kroo clones your repository into an isolated, sandboxed environment to investigate bugs and generate fixes. The cloned code is deleted automatically when the agent run finishes — no source code is persisted beyond the duration of a single run. The legal basis is Art. 6(1)(b) GDPR (contract fulfillment of the service you signed up for).
When you connect third-party services such as Sentry, Linear, or Slack, Kroo receives event data (error reports, issue details, messages) from those services via their APIs. This data is used solely to trigger and inform agent runs. The legal basis is Art. 6(1)(b) GDPR. Each third-party service has its own privacy policy governing its data practices.
When using Bring Your Own Key (BYOK), API requests containing code context are sent to the LLM provider you configure (e.g. Anthropic, OpenAI, Google). All provider connections use OAuth-based authentication; tokens are stored in encrypted form and used solely to make API calls on your behalf. The legal basis is Art. 6(1)(b) GDPR.
Personal data is retained only as long as necessary for the purposes stated in this privacy policy, or as required by legal retention obligations (e.g. tax and commercial law retention periods). When the purpose of storage ceases or a statutory retention period expires, personal data is routinely deleted.
This site uses SSL/TLS encryption for security. An encrypted connection is recognized by the browser address bar changing from “http://” to “https://” and a padlock symbol. When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Under GDPR, you have the following rights regarding your personal data:
To exercise any of these rights, contact us at web@jung.dev.
The use of contact data published in this imprint for sending unsolicited advertising and information materials is hereby objected to. The operators expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam emails.